Stuxnet-like viruses to be released more broadly in 2011

Known to successfully slow down the Iranian nuclear program, the Stuxnet cyber worm is now expected to spawn variations that are predicted to disrupt non-traditional IT targets, from power grids to electronic voting stations.

The Stuxnet cyber worm is a very complex, efficient and stealthy string of code that was first discovered in June 2010. And while it is likely the darling of Western governments for the disruption it unleashed on Iran's embryonic nuclear program, there are emerging concerns that variants of the Stuxnet virus could bring widespread havoc to systems around the world - beyond the traditional information technology targets.

eWeek reported on Tuesday that the Stuxnet worm is thought to have damaged as many as 1,000 Iranian centrifuges, after having already affected more than 62,000 computer systems in Iran alone. The genius of the Stuxnet code was reported in the mild manipulation of the centrifuge engine speeds, prompting the engines to operate just fast enough to break down.

This manipulation was made possible with code commands inserted through common USB thumb drives, a subtle approach that transported the worm from computer operating systems to the electronic operating systems of the centrifuge engines.

The inevitable evolution of the Stuxnet worm is now expected to yield variants that can target multitudes of electronic operating systems - such as those governing national power grids, according to eWeek.

"We need to think above and beyond expected targets, which are not servers or routers," Adam Bosnian, an executive vice president for information security company Cyber-Ark, told eWeek.

According to a August 2010 Symantec study on the impact of the Stuxnet worm, the malware code has hit 62,867 computers in Iran; 13,336 in Indonesia; 6,552 in India; 2,913 in the United States; 2,436 in Australia; 1,038 in the United Kingdom; 1,013 in Malaysia; and 993 in Pakistan.